Archive for February, 2010

Social Wisdom and a Google Fail

Posted in Internet, digital business, security on February 13th, 2010 by irv

The big tech story of the week is the one about Google making people mad with its new “Buzz” service. The most interesting aspect of this story is that everyone seems to have gotten it wrong.

Here’s the short version of the story: Google has some new social media application that makes all your email contacts into “friends” in the social networking sense and a lot of people objected to that, claiming that email contacts should be kept private, not advertised to the world as a friends list. This is stupid on so many levels – Google, their users, all the “analysts” – it’s hard to know where to start. So I’ll start at the beginning as far as I knew it.

The other morning, as I do most mornings, I brought up my Gmail account and glanced to see if there was anything new. There was some kind of banner or thing about something called “Buzz.” I immediately thought “Hmm. Could this be a whack at Yahoo’s boring Buzz bookmarking service?” But no. I saw that my boss had already been there and made a comment. I also saw that to reply to his comment I had to create a “profile” that would make all of my email contacts into friends who I could then get Buzzy with, or some such thing.

I decided not to create the profile because I don’t use my Gmail account for general email purposes. I have a Yahoo account for that. My Gmail account is mostly for poetry and other writing. I use it to communicate with the members of the Science Fiction Poetry Association, a lot of editors and a few close friends and family. It’s the kind of account – intentionally – receives the kind of joke emails that people forward all the time. In other words, while it’s a public address, I tend to use it for more private purposes.

Weirdly, Buzz shows that I have 6 followers, including 4 who do not have public profiles – which I also do not have. How do you follow someone who does not have a profile to follow? And if you don’t have a profile, how is it possible to follow someone else without a profile? What the hell is going on here?

Incident Response For Fun and

Posted in security on February 5th, 2010 by irv

In a computer forensics class I’m currently taking, we studied a federal document that goes into great detail about how to handle computer security incidents: malicious code, intrusions, denial of service attacks, the whole gamut of computer/network events that can cause an organization trouble. The document, put out by the National Institute of Standards and Technology, is called the Computer Security Incident Handling Guide (aka SP800-61), and it is some of the most useful, albeit hideously boring, reading currently available for IT professionals.

However, useful and wonderful though it is, I have some problems with this publication. There is very little I can point to and say, “This is wrong.” It covers a lot of territory in an organized way. It gives good advice. Yet I find the total effect to be unsatisfying. Sure, any organization that implements all of the recommendations in this document will be well protected and very capable at responding to incidents when they happen. The trouble is that no organization on Earth is ever going to implement ALL of the recommendations. I don’t think there is enough trained manpower or enough time or money in the world to ever achieve the level of protection detailed (I could even say mind-numbingly detailed) herein.

There is discussion of plans, policies and procedures, guidelines and knowledge bases. The document includes checklists and tables, incident categories and even a marvelous equation for rating the severity of an event. It’s all very complete and very thorough and, as I said, all very sound and reasonable.

I just can’t imagine it can possibly work in practice.


NASA Could Have Mattered

Posted in space on February 3rd, 2010 by irv

In The Moon is a Harsh Mistress, Robert Heinlein’s masterpiece about freedom, revolution and the humor of artificial intelligence, there’s a bit where the lunar colonists throw rocks at the Earth. Big rocks. Gravity makes them into incredibly destructive weapons. The people of Earth can’t do much about it because even getting to the moon is a huge effort. This is a military principle we’ll call the high ground effect, as in when you have the high ground, you have a huge advantage over the other guy. That’s why fighter planes attack from above, why artillery is placed on mountains and why countless battles have been fought over hills (Pork Chop Hill, Bunker Hill, etc.).

Remember this effect. It will matter soon.

The big news this week is that that misbegotten groundhog has condemned us to another month and a half of global non-warming. Of slightly less import but possibly still newsworthy is that this budget cuts funding for NASA’s shuttle replacement program and for the planned return to the Moon (see here, here, here and here). One obvious point about this: In a budget with a deficit of $1.6+ trillion, the changes being made to NASA are not about the cost-benefit analysis. A budget with such an astronomical deficit is not one where there has been any effort to make the hard budgeting decisions. Just forget that idea. This leads to exactly one conclusion: The cuts to NASA and the narrowing of its mission are an ideological decision.